R264. Request authentication

This document details the security requirements and guidelines related to secure user authentication management in the organization. In this case, it is recommended that the system require authentication for all resources not explicitly classified as public.

Requirement

The system must require authentication for all resources,
except for the consultation or visualization of those specifically classified
as public.

Description

Sometimes systems have information and other resources that are not considered
public.
These resources should be protected by a secure authentication mechanism that
prevents unauthorized actors from accessing them.